Set acl on /var/log on RHEL
diff --git a/heka/map.jinja b/heka/map.jinja
index fd3f6c8..cab337d 100644
--- a/heka/map.jinja
+++ b/heka/map.jinja
@@ -1,6 +1,7 @@
{%- load_yaml as server_defaults %}
Debian:
pkgs:
+ - acl
- heka
- heka-lua-scripts
user:
@@ -20,6 +21,7 @@
service:
- heka
pkgs:
+ - acl
- heka
{%- endload %}
diff --git a/heka/server.sls b/heka/server.sls
index cbe91d9..1f821e6 100644
--- a/heka/server.sls
+++ b/heka/server.sls
@@ -35,7 +35,7 @@
- user: heka_user
{%- if grains.os_family == 'RedHat' %}
-/usr/lib/systemd/system/heka.service:
+/etc/systemd/system/heka.service:
file.managed:
- source: salt://heka/files/heka.service
- require:
@@ -47,6 +47,11 @@
- require:
- user: heka_user
+heka_acl_log:
+ cmd.run:
+ - name: "setfacl -R -m g:adm:rx /var/log; setfacl -R -d -m g:adm:rx /var/log"
+ - unless: "getfacl /var/log/|grep default:group:adm"
+
{%- endif %}
heka_service: